2.6 Secure channels and the CIA triad
So far, we have discussed three important cryptographic goals: confidentiality, integrity, and authentication. For the purposes of this book, the term secure system can be defined as a system that provides a combination of those three goals. Taken together, confidentiality, integrity, and authentication are oftentimes referred to as the CIA triad.
Some modern-day scholars and newer books on computer security use the term availability instead of authentication for the A in CIA. In this book, we deliberately stick to the classical definition. The main reason for this is that, strictly speaking, availability belongs to the realm of security engineering, not cryptography. While cybersecurity threats such as denial-of-service attacks are sometimes discussed in cryptography-related literature, a cryptographic protocol or mechanism by itself is in principle unable to guarantee availability. As a rather simple example, any cryptographic protocol assumes that Alice and Bob can send and receive messages. On the level of cryptographic protocol design, it simply makes no sense to define a protocol if you cannot assume that information can flow from Alice to Bob and back.
With the definition of the term secure via the CIA triad, we can now restate the problem defined in the Preliminaries section earlier in this chapter more exactly as the problem of establishing a secure communication channel between Alice and Bob (or between a client device and a server) such that the data transferred is guaranteed to be confidential, authenticated, and unmodified (which is implied by the data being authentic).
A bit less formally, you can think of a secure channel as some kind of tunnel Alice and Bob can use to transfer their data. An attacker cannot see from the outside what is going on in the tunnel: they can neither see the plaintext data nor modify the encrypted data without being detected. Moreover, the tunnel endpoints are authenticated, so Alice can be sure she is really sending her data to Bob, and that any data she receives through the tunnel really comes from Bob.
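The tunnel picture above, as an added Python example that is not taken from the book: Alice seals a message with encrypt-then-MAC and Bob opens it only if the tag verifies. The names seal, open_ and demo are hypothetical, the two keys are assumed to be already shared between Alice and Bob, and the HMAC-SHA256 counter-mode keystream is a standard-library stand-in for a real cipher.

```python
import hashlib
import hmac
import os

# Constructed demo keys; assumed to be secrets already shared by Alice and Bob.
ENC_KEY = os.urandom(32)
MAC_KEY = os.urandom(32)

def _keystream(key, nonce, length):
    """HMAC-SHA256 in counter mode, a stdlib stand-in for a stream cipher."""
    out, counter = b"", 0
    while len(out) < length:
        block = nonce + counter.to_bytes(8, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]

def seal(enc_key, mac_key, plaintext):
    """Alice's end: encrypt, then authenticate nonce || ciphertext."""
    nonce = os.urandom(16)
    stream = _keystream(enc_key, nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, stream))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def open_(enc_key, mac_key, record):
    """Bob's end: verify the tag before decrypting; None means rejected."""
    if len(record) < 48:  # 16-byte nonce + 32-byte tag at minimum
        return None
    nonce, ct, tag = record[:16], record[16:-32], record[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        return None
    stream = _keystream(enc_key, nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, stream))

def demo():
    msg = b"transfer 100 EUR to Bob"  # constructed sample message
    record = seal(ENC_KEY, MAC_KEY, msg)
    tampered = bytearray(record)
    tampered[20] ^= 0x01  # flip one ciphertext bit in transit
    forged = seal(os.urandom(32), os.urandom(32), msg)  # sender lacks the keys
    return {
        "confidential": msg not in record,
        "delivered": open_(ENC_KEY, MAC_KEY, record) == msg,
        "tamper_rejected": open_(ENC_KEY, MAC_KEY, bytes(tampered)) is None,
        "forgery_rejected": open_(ENC_KEY, MAC_KEY, forged) is None,
    }

if __name__ == "__main__":
    print(demo())
```

Each entry in the returned dictionary maps to one property of the tunnel: the plaintext is not visible in the record, a modified record is detected, and a record from a sender who does not hold the shared keys is not accepted as coming from Alice.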
2.7 Summary
In this chapter, we introduced the most important cryptographic definitions and described the main cryptographic goals, namely confidentiality, integrity, and authentication. We showed that combining these goals into the CIA triad allows Alice and Bob to establish a secure channel in the presence of both passive and active attackers.
In the next chapter, you will learn what a cryptographic key – a secret shared by Alice and Bob – is and why it is needed to establish a secure channel. In particular, you will learn why Alice and Bob should update keys frequently, and how long the key should be so Alice and Bob can communicate securely.